Understanding the New SEC Cybersecurity Rules: A Guide for Executives

Credit to Author: gallagherseanm| Date: Mon, 31 Jul 2023 10:00:38 +0000

The new SEC cybersecurity rules significantly enhance disclosure requirements, emphasize the board’s role in risk management, and introduce a stringent four-day reporting timeline, necessitating that public companies bolster their cybersecurity strategies, improve incident response processes, and ensure robust communication plans are in place.

Read more

Token tactics: How to prevent, detect, and respond to cloud token theft

Credit to Author: Paul Oliveria| Date: Wed, 16 Nov 2022 16:00:00 +0000

As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose.

The post Token tactics: How to prevent, detect, and respond to cloud token theft appeared first on Microsoft Security Blog.

Read more

Rapid Response: The Ngrok Incident Guide

Credit to Author: Angela Gunn| Date: Thu, 14 Jul 2022 08:01:51 +0000

Ngrok is a legitimate remote-access tool. It is regularly abused by attackers, who use its capabilities and reputation to maneuver while bypassing network protections. This incident guide shows Security Operations Centers (SOCs) and response teams how to detect and respond to the suspicious presence or use of ngrok on the network.

Read more